a786c3b30639a63ded5b3b81c393d56336d34dce Slight tweak to the verify-commits script directions (Douglas Roark)
Pull request description:
Clarify that GnuPG may be used on both Linux and macOS to obtain the keys required to verify the commits.
Tree-SHA512: cec556370f03e00bbd6f585d26b360ca236cf55cb5c0996f6d950d8a98f77c92cc02f1719c8f9b9dc9eac6900eb341a13b50a012752832f39095b7e84046f2cd
45842c3d2 Improve documentation for running verify-commits.py script (Jameson Lopp)
Pull request description:
I ran into 3 different issues while trying to run the verify-commits script for the first time and I think documenting them would help save time for future developers.
1. I was trying to just run it with "python" and didn't realize I had multiple python versions installed and this script is only syntactically valid for python 3.x.
2. I needed to import the trusted keys
3. The script was hanging because it was triggering my yubikey for signature verification
Tree-SHA512: dfc7a62972ca3de528fae3c9d420c7d2d6658767a555ebbf5f4a27c04748c35ccf8bf63bfc9f264358346de0db49bfbaf2d1540793a609d81c2d9b622ee8182c
e5b2cd8e7564b9fc2ed4f63fe49efb0af60b4460 Use python instead of slow shell script on verify-commits (Chun Kuan Lee)
Pull request description:
The cron job that runs every day would fail because of git checkout a single commit, not a branch.
#12708 introduce a method to check whether merges are clean.
However, there are four merges are not clean.
So, I add a list of merges that are dirty and ignore them.
Also, I modify the current shell script to python, it makes the script speed up a lot.
The python code `tree_sha512sum` was copied from `github-merge.py`
I've re-designed this. Now we verify all the things by default.
- Add `--disable-tree-check` option, not to check SHA-512 tree
- Add `--clean-merge NUMBER` option, only verify commits after <NUMBER> days ago
Travis running time:
|option|time|
|-|-|
|verify-commits.py|[25m47.02s(1547.02s)](https://travis-ci.org/ken2812221/bitcoin/jobs/373321423)|
|verify-commits.py --disable-tree-check|[19m10.08s(1150.08s)](https://travis-ci.org/ken2812221/bitcoin/jobs/373321423)|
|verify-commits.py --clean-merge 30|[9m18.18s(558.18s)](https://travis-ci.org/ken2812221/bitcoin/jobs/373321423)|
|verify-commits.py --disable-tree-check --clean-merge 30|[1m16.51s(76.51s)](https://travis-ci.org/ken2812221/bitcoin/jobs/373321423)|
Since the cron job always fail, I've created a respository to verify this daily.
[](https://travis-ci.org/ken2812221/bitcoin-verify-commits)
Tree-SHA512: 476bcf707d92ed3d431ca5642e013036df1506120d3dd2aa718f74240063ce856abd78f4c948336c2a6230dfe5c60c6f2d52d19bdb52d647a1c5f838eaa02e3b
9471576 [verify-commits] Add some additional useful documentation. (Matt Corallo)
de7e931 Add Marco-expired-key-signed-commits to allow-revsig-commits (Matt Corallo)
99f6d48 Revert "test: Update trust git root". (Matt Corallo)
Pull request description:
7deba93bdc was took the wrong approach to updating verify-commits for a key expiration. Namely, adding each commit to allow-revsig-commits should have been done instead, allowing them to still be validated, but with the expired key.
Tree-SHA512: 9fdc67eda8f6daa95082f6c1a2af81beb730a9ff3f8cf930bb2311fe29b5f05e1f89259aba5f112153ca2e9c62577cf60d31b4c8e9ac1bf3f5506e78f8401378
Signed-off-by: pasta <pasta@dashboost.org>
# Conflicts:
# contrib/verify-commits/allow-revsig-commits
1e9aab0 Remove sipa's old revoked key from verify-commits (Peter Todd)
966151e Add README for verify-commits (Peter Todd)
11164ec Remove keys that are no longer used for merging (Peter Todd)
22421fa Remove pointless warning (Peter Todd)
9523e8a Make verify-commits path-independent (Matt Corallo)
f7d4a25 Make verify-commits POSIX-compliant (Matt Corallo)
